For businesses large and small, relying on a cloud-based collaboration and productivity suite such as Microsoft Office 365 is becoming the norm. Enhancing productivity in your organisation is vital to get ahead in 2017 - and using Office 365 can help, if it's used right...

Researchers looking for payment will have to follow Microsoft's ethical testing guidelines and will be prohibited from several practices.

The guidelines prohibit "any kind of Denial of Service testing," gaining access to any data that is not wholly your own, moving beyond "proof of concept" repro steps for server-side execution issues and attempting phishing or other social engineering attacks against the Microsoft's employees.

Microsoft also clarified it will continue to refuse payments for flaws relating to missing HTTP security headers, server-side information disclosure and bugs in the web application that only affect unsupported browsers or plugins that require "unlikely user actions".

URL Redirects vulnerabilities in platform technologies that are not unique to the online services in question or cookie replay vulnerabilities are also listed as ineligible for payment.

The firm also added payments will be strictly at its discretion warning bug hunters:

"Bounty amounts will be determined at Microsoft's discretion based primarily on the impact of the vulnerability. However the detail, quality, and complexity of the vulnerability will also be considered in making a determination. Microsoft retains sole discretion in determining which submissions are qualified."

Microsoft is one of many big technology firms currently running bug bounty programmes. Twitter launched a bug bounty programme, paying from $140 per problem discovered in its web, iOS or Android services earlier in September.